What would your managers do if hackers attacked your business? What would they do if your system got a virus? Or an employee’s computer caught some nasty malware? An incident response plan is critical for your business’s information security. And your management team has a great responsibility in creating and triggering that plan.
Your Incident Response Plan
A clear-cut, well-rehearsed incident response plan can be the difference between hours of downtime and days of downtime.
When everyone knows their role and the actions required of them during an incident, your team can work together to get the company back on track.
Step 1: Identify the team
Who is responsible for responding to information security incidents? “Your IT team” is not an acceptable answer.
Gather individual IT staff names and contact information, and detail each person’s responsibilities. Also note contact information for service providers and appropriate law enforcement.
Many incident response decisions are business-driven and not technical, so also include the names, contact info and responsibilities of the appropriate business-management personnel. If, for example, the business experiences a Crypto virus attack, the business leaders (guided by the IT team) will ultimately decide if they will pay the ransom or restore the data from backups. Know who your decision-makers are and include them in your incident response plan.
Step 2: Create your documentation
Create three levels of documentation.
- A high-level document that outlines the policies
- A detailed document that covers the implementation of the incident response plan
- A technical document that the IT team can use as a guideline. This includes quick-response guides for common scenario
All three of these sets of documents should include the team contact information from Step 1.
Step 3: Define the triggers
When will the incident response plan be triggered?
- When a network intrusion is detected?
- When a system is acting strangely?
- When an employee suspects their computer might have malware?
Define potential risks, threats and points of failure here. Then ensure your managers share this information with every employee!
Once your backup solution is in place, ensure it is tested regularly. Backups are useless if they are not usable.
Run simulations to develop and maintain “muscle memory.” This will also help keep data security at the top of everyone’s mind.
Is Your Company Prepared?
Your managers and your IT team need to work together to make sure your whole company is as secure as possible. If you have any concerns at all about your data security, don’t hesitate to contact us here at Fluid IT Services.